Items tagged with data breach
It is time to unleash your inner Boba Fett. Facebook just announced a bounty program that will award people who uncover data abuses. The program offers up to $40,000 USD for substantiated cases. Facebook's chief security officer, Alex Stamos stated that the bounty program “Will help us find the cases of data abuse not tied to security vulnerability. ... This will cover both hemispheres, and help surface more cases like Cambridge Analytica so we can know about it first and take action.” Before you start counting your coin, it is important to note that the bounty program has very specific requirements. Facebook is looking for “any situation where data that was legitimately collected...
Read more...
Under Armor is a big name in the athletic clothing world. In addition to clothing, the company also has an app that is meant to allow people to track their food intake and nutrition to help get fit (and stay) fit. The app is very popular with users on iOS and Android, but it has suffered a major data breach. Under Armour has notified users that the MyFitnessPal app team became aware that an unauthorized third party had acquired data associated with user accounts for the app and website. That unauthorized access happened in late February 2018 and Under Armor states "The company quickly took steps to determine the nature and scope of the issue and to alert the MyFitnessPal community of the...
Read more...
Computer hackers accessed personally identifiable information and financial details belonging to around 1,400 University of Virginia workers as part of an email phishing scam, the University announced. An internal investigation determined that the culprits first accessed the stolen records in early November 2014 and continued to pluck private data up through early February 2015. The phishing emails were successful in tricking an untold number of recipients with access to the University's Human Resources system into coughing up their usernames and passwords. Once the hackers had the necessary login details, they were able to access W-2 forms of around 1,400 of the University's more than 20,000...
Read more...
T-Mobile CEO John Legere is ticked off and with good reason. Experian, which just so happens to process credit applications for T-Mobile, reported today that it was hit with a massive database breach. Experian describes the incident as an “unauthorized acquisition of information from a server” that contained “some personally identifiable information for approximately 15 million [T-Mobile] customers.” So what information were these “unauthorized” people able to obtain? Well according to Experian, personally identifiable information including names, date of birth, and social security numbers were obtained. Other identifiable information such as driver license numbers were also slurped up. Luckily,...
Read more...
The parade of banks, insurance companies and retailers that have suffered data breaches has caused many people to store their passwords with sites like LastPass. The security company creates a unique password for each of the user’s logins and provides access to those passwords via a single, master password.Now, LastPass is admitting that at least some of its data has been comprised. The company believes that its customers are not vulnerable, but it concedes that email addresses and authentication hashes are among the data affected. Password reminders and server per user salts were also comprised. “In our investigation, we have found no evidence that encrypted uer vault data was taken, nor that...
Read more...
After what's being described as a "massive data breach" at Global Payments, Visa has decided to part ways with the payment processor and try its luck elsewhere, Global Payments CEO Paul Garcia said, according to a report in the Associated Press. MasterCard, meanwhile, is either willing to give Global Payments the benefit of the doubt that this was a one-time snafu, or hasn't yet announced plans of its own to the ditch the payment processor. Garcia described the situation as being "absolutely contained" at this point, however as many as 1.5 million credit cards across the United States may have been affected. Compromised data includes credit card numbers, but not identifying information such as...
Read more...
As you head into the weekend getting ready to party and celebrate the end of another long and grueling work week, take some time to keep tabs on your MasterCard and Visa accounts. If you don't, you could be in for a rude awakening when you go to pay for drinks and find out that your card has been declined. At issue here is a what's being described as a "massive" data breach at a U.S.-based credit card processor, according to KrebsOnSecurity.com.Visa and MasterCard have both been sending out non-public alerts giving banks a heads up that specific cards -- possibly more than 10 million -- may have been compromised recently. Image Source: Flickr (philcampbell) A spokesman for MasterCard told The...
Read more...
Googling your own name might not be such a narcissistic activity after all; in fact, it just must save you from identity theft. At least that's what Kevin Andreyo, a Wilkes University professor, discovered when he used the "deep web" search engine, Pipl, to see what information about him might be publicly available on the Internet. What he found was a link to a document that not only included his Comcast user name and password, but the document also included what appeared to be the user names and passwords of over 8,000 other Comcast customers. Andreyo was inspired by the March 10, People Search Engines: They Know Your Dark Secrets... And Tell Anyone, PC World article, to do a little sleuthing...
Read more...
On what many Americans consider a day of change, here we go again with more of the same: a massive data breach involving Heartland Payment Systems, a credit card payment processor, that was announced on Tuesday. First, the good news: no merchant data or cardholder Social Security numbers, unencrypted personal identification numbers (PIN), addresses or telephone numbers were involved in the breach. Neither was any check processing data. Now for the bad news: since they were alerted to suspicious activity by Visa and MasterCard, tens of millions of credit and debit card numbers or transactions may have been affected. Wonderful. In a press release Robert H.B. Baldwin, Jr., Heartland's president...
Read more...
It all started with a snipped on page A23 of Thursday’s Washington Post, which notified the public that the McCain-Palin campaign was going to sell off its used office inventory at low prices. Then, it turned into a high-tech slip-up in which the campaign headquarters accidentally sold an information-ridden BlackBerry to a Fox reporter. Although the sale didn’t look like much when reporter Tisha Thompson arrived at the sale, she did find BlackBerry smartphones going for just $20 apiece. All of the batteries had died, and there weren’t any chargers for sale, but Thompson bought a couple anyway.When she returned to the office and charged up one of the dead BlackBerries, Thompson found more...
Read more...
Earlier this week we reported on Scotland's Sunday Herald's claim that the Best Western hotel group was hit with the world's largest known data breach of eight million people's sensitive information, as well as Best Western's adamant denial. Even if the Sunday Herald story turns out to be true, the Best Western data breach would no longer hold the title of the world's largest known data breach. That record now goes to the Bank of New York (BNY) Mellon, which "lost" the sensitive information of 12.5 million customers. The BNY Mellon data breach itself is not new news. As documented in the Identity Theft Resource Center's ITRC Breach Report 2008, on February 27, 2008, BNY Mellon gave "an unencrypted...
Read more...
No matter how carefully you try to protect your personal and financial information, you are still at the mercy of those companies you choose to give your information too. Unfortunately, it looks like keeping your sensitive data secure is becoming increasingly difficult for some companies. According to the Identity Theft Resource Center (ITRC), 2008 is shaping up to be the year of the greatest number of reported identity-theft security breaches to date: "As of 9:30 a.m. August 22nd, the number of confirmed data breaches in 2008 stood at 449. The actual number of breaches is most likely higher, due to under-reporting and the fact that some of the breaches reported, which affect multiple businesses,...
Read more...
Certainly, there's no lack of accidental data breaches. Companies, even countries like the U.K. have accidentally exposed sensitive information about customers or citizens. But to do it deliberately? Whoa.There has been outrage in Italy after the outgoing government published every Italian's declared earnings and tax contributions on the internet.The tax authority's website was inundated by people curious to know how much their neighbours, celebrities or sports stars were making.The Italian treasury suspended the website after a formal complaint from the country's privacy watchdog.The information was put on the site with no warning for nearly 24 hours.The release of the information was one of...
Read more...
Monday the Massachusetts Bankers Association (MBA) issued a press release announcing a major data breach at what Visa and MasterCard said was an unnamed "major retailer." The details were far worse than the original news, though.A security breach at an East Coast supermarket chain exposed more than 4 million card numbers and led to 1,800 cases of fraud, the Hannaford Bros. grocery chain announced Monday.Hannaford said credit and debit card numbers were stolen during the card authorization process and about 4.2 million unique card numbers were exposed, placing the case among the largest data breaches ever.The breach affected all of its 165 stores in the Northeast, 106 Sweetbay stores in...
Read more...
